Printable, writeable article for tracking counterfeit and diverted products

ABSTRACT

An article includes a writeable memory printed on a substrate, a characteristic of the article usable to derive a seed value, and a value stored in the memory, wherein the value is generated by a hashing process using the seed value. The writeable memory may also be a readable memory, and may store more than one value.

RELATED APPLICATIONS

This application is a continuation of, and claims priority to, U.S.Provisional Application No. 62/198,595, filed Jul. 29, 2015.

This application is related to the following applications filedconcurrently herewith, which are incorporated by reference herein intheir entirety:

U.S. patent application Ser. No. 14/954,432, filed Nov. 30, 2015.

U.S. patent application Ser. No. 14/954,474, filed Nov. 30, 2015.

Ser. No. 14/954,519, filed Nov. 30, 2015.

TECHNICAL FIELD

This disclosure relates to tracking objects having a printable memorytag, more particularly to tracking counterfeit or diverted products byreading and writing to a printable memory tag.

BACKGROUND

Identification of counterfeit and/or diverted products has severalissues. Identification of counterfeit items requires tracking andlogging of the objects being tracked. The objects need an indicia,referred to here as a tag, the uniquely identifies the object. Objectmay include packages that include multiple items, as well as theindividual items in the packages. The individual items may consist ofalmost anything, from pharmaceuticals such as bottles or other types ofcontainers, clothing such as designer clothes and shoes, documents likepassports, etc. The tags typically consist of a permanent number orother identifier that cannot be changed. These may be printed on thearticle or possibly even entered on a radio-frequency ID tag (RFID) thatcannot be changed or corrupted.

Once tagged, the object's identifier is entered into a database that isaccessible by the shipper and receiver. Typically, this consists of anetworked, centralized database. Once shipped from the initiatingfacility, where the tagging occurred, the recipient will need to readthe tag and check it against the database. This allows the recipient toverify the authenticity of validity of the tagged item.

If an item shows up as being counterfeit, the recipient has to updatethe database to provide the information on the counterfeit item. Thistransaction typically occurs on paper or through an RFID reader at thetime of the identification. If it were not done then, the informationmay be lost or inaccurate with regard to the time and date.

In some instances, the counterfeit item may not be detected, if the tagwas replicated with enough accuracy. The recipient may not know that theobject tag undergoing verification is attached to a cheaper, lowerquality version of the original object that may have been substitutedfor the original during a theft of diversion of products. Similarly, therecipient has no way of knowing if the product, even if authenticated,was diverted or somehow arrived at the recipient without havingundergone inspection or tally at customs houses or tax authorities.

SUMMARY

An embodiment is an article that includes a writeable memory printed ona substrate, a characteristic of the article usable to derive a seedvalue, and a value stored in the memory, wherein the value is generatedby a hashing process using the seed value. The writeable memory may alsobe a readable memory, and may store more than one value.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 shows an embodiment of a tracking and authentication system.

FIG. 2 shows a flowchart of an embodiment of a method of tagging anobject with a printable memory.

FIG. 3 shows a flowchart of an embodiment of a method of authenticatinga memory-tagged object at a first recipient.

FIG. 4 shows a flowchart of an embodiment of a method of updating a tagat a first recipient.

FIG. 5 shows a flowchart of an embodiment of a method of reporting acounterfeit or diverted object.

FIG. 6 shows a flowchart of an embodiment of a method of authenticatinga memory-tagged object at a subsequent recipient.

DETAILED DESCRIPTION OF THE EMBODIMENTS

FIG. 1 shows an embodiment of a tracking and authentication system. Thesystem has several components, including a printable, readable/writeablenon-volatile memory. An example of such printable memory is availablefrom Thin Film Electronics, ASA. The ability to print non-volatilememory onto various objects opens up many possibilities for ‘smart’ tagsbeyond radio-frequency ID (RFID) tags. RFID tags, or even memory tags,are typically manufactured, packaged and then attached to objects.Printable memory allows the tags to be printed directly on the objects,such as container seals, including pharmaceutical containers, documents,verification stamps, tax stamps, etc.

Memory tags have the capability to be rewritten, which can raise severalrisks, as counterfeiters can rewrite the tags to change the information,making it harder to track and identify legitimate objects. For thatreason, manufacturers such as Thin Film Electronics typically writecodes to be used in near-field communication (NFC) tags into thememories at manufacture in such a manner so they cannot be electricallymodified. Memory labels, such as those manufactured by Thin FilmElectronics ASA, are printed as well, but generally not used as securitytags because of the ability to write to the memory labels.

The system of FIG. 1 provides not only a solution to the issues of usingthe writeable memory, it actually turns the ability to write to thememory into an advantage using an encryption system to generate thevalues to be written into the memory. In the system 10, an initiatingcomputer 12 has the ability to run a unique, cryptographically secure,pseudo-random number generator (PRNG) 14. The PRNG may take many forms,but will have the characteristic of generating a known sequence ofnumbers when provided with a ‘seed’ value. These values are relativelysimple to generate, but difficult to guess without application ofsignificant computing power over a relatively long period of time. Acounterfeiter would not have the ability to decipher the generator toprovide the correct values in the amount of time in which it would bepossible to divert or replace the legitimate objects.

The initiating computer 12 either reads or generates the seed value 20,which will be referred to here as acquiring the seed to include bothoptions. The seed may be generated from variable physicalcharacteristics of the object, such as its precise physical dimension inthe case of a fruit, some physical characteristic of the objectobtainable by scanning it, or read from an explicit encoding, such as aQR (quick response) code, a printed 2D bar code, etc. The initiatingcomputer may print the QR code or barcode onto the object or label.Generally, the seed value will be outside the memory, although it ispossible the seed value could be stored in the memory as well. The seedvalue initiates the PRNG to produce a first value 22 in the sequence ofvalues, which is then written into the printed memory 18. For purposesof this discussion, the seed value is the value that initiates the PRNGprocess, which in turn results in the value that is written into thememory. The value or values written into the memory will be referred toas the original values, and the values generated by other entities inthe system to be checked against the original values will be referred toas the authentication value.

As shown in FIG. 1, the printed memory 18 is attached to an object 16.In some instances, the printed memories are printed on adhesive labelsthat are then attached to items. Depending upon capabilities of theprinters, not shown, the memory 18 may be printed directly onto theobject itself, rather than a label that is then attached. No limitationto any particular application of the printed memory to the object isintended and none should be implied.

The object with its associated printed memory is then shipped to atleast a first recipient. The first recipient's computer 32 will alsohave the PRNG 34 that was used by the initiating computer. The PRNG isinitialized using a seed, which is always present, and some optionaladditional parameters. In some embodiments, the seed is distributed in asecure manner, accessible and only usable by authorized users onauthenticated computers. In other embodiments, the seed may be read froma QR code or a barcode, or be publicly available, while one or moreadditional parameters are distributed in a secure manner, accessible andonly usable by authorized users on authenticated computers. The firstrecipient will first obtain the seed value in whatever manner waspredetermined by the initiating computer, such as reading the QR orbarcode, scanning the object to determine the physical characteristicthat can be turned into the seed value, etc. Once the seed value isdetermined, the recipient computer will initiate the PRNG and generatean authentication value to be compared to the value in the memory. Thiswill be discussed in more detail later.

The recipient's computer 32 may have as part of it a reader device 24that accesses the printed memory 18 to retrieve the original value towhich the authentication value will be compared. The reader may also bea separate device. Similarly the seed reader 26 may be separate from thememory reader 24, such as the QR code or barcode reader, opticalscanner, etc. These could also both be part of a smart phone. The reader24 has a memory interface 30 of some kind.

The memory interface 30 may include one or both of a probe type reader,such as a contact strip, or a set of spring loaded pins, that connect tothe memory contacts on the printed memory 18 that allows the attachedreader to both read the data in the memory and rewrite the memory asneeded. There may be a memory reader/controller 28 in the device thatconverts the signals read from the memory into the original code. Thememories are typically readable using near-field communications (NFC),but not necessarily writeable to it. Writing is typically done byphysical contact with the contacts, discussed above. However, theability to use non-contact memory writing is a possibility.

Using the one or more readers, the computer 32 obtains the seed valueand the original value. This will allow the computer to determinewhether or not the object 16 is authentic. If the reader and/or thecomputer does not have access to the centralized database 36 at thattime, it will have the capability of recording the date and time of thereading, as well as the authentic or counterfeit status of the object,for later upload to the database.

This system frees the recipient from having to upload the value readfrom memory to determine if the object is authentic or counterfeit. Thedetermination can be made locally and the reading device and/or computercan connect to the database at some other time to update the centralizeddatabase. In addition, if the object is either counterfeit or hasarrived at its final destination, the computer has the ability to writesome sort of finish code to the memory 18. The finish code could be apredetermined code that indicates the counterfeit nature of the object,or that it no longer needs to be authenticated. The finish code may alsoinclude setting the memory to zero, meaning that there is no data in thememory.

The discussion now turns to the various tasks and processes used by thedifferent users of this system. In FIG. 2, the user consists of theoriginal shipper or generator of a document, referred to here as theinitiator. The initiator acquires the seed at 40 in whatever manner hasbeen predetermined across the system. As discussed above, the seed willtypically be some characteristic of the object, a barcode, a QR code,etc., obtainable without having to read the memory. The seed value thenfeeds into the PRNG to produce a first of the original values at 42.This value is then written into the memory at 44. The initiator thenships or otherwise sends the object at 46.

FIG. 3 shows one embodiment of a method of authenticating the object ata first recipient. The first recipient may vary from other recipients aswill be discussed with regard to FIG. 6. However, there may notnecessarily be true. The first recipient and subsequent recipients mayoperate in a same fashion, but in this particular embodiment, the firstrecipient operates slightly differently.

In FIG. 3, the first recipient reads the seed and the original value at50. As discussed above, ‘reading’ the seed involves determining a seedvalue from some characteristic of the object, explicitly such as in theform of a QR code or a barcode, or implicitly such as the dimensions,patterns, etc., of the object itself. Reading the original valueinvolves accessing the memory and reading the value that was written bythe initiator.

At 52, the recipient's computer system then runs the same PRNG using theseed value to generate an authentication value. At 54, theauthentication value is checked against the original value. If thevalues match, the recipient knows that the object is authentic at 56and, meaning that it is not a counterfeit, and can be processedaccording to normal processes of the recipient, such as stocking awarehouse, shipping it onwards in the supply chain, etc. If the objectis counterfeit at 58, the at least one of the time, date and location isstored in the reader. As mentioned above the memory on the object may berewritten to store a code that identifies the object as counterfeit, orcould include the date, time and/or location.

If the object is found to be authentic at 54, the recipient may theninitiate a process as shown in FIG. 4. In this situation, the recipientmay be the first recipient or subsequent recipients that intend to sendthe object further onwards. As stated above, if an article iscounterfeit, or even if it is authentic but will go no further, thesystem can write a finish code or blank the memory. The recipient willcalculate the subsequent value using the PRNG at 60 and then write thenew value to the memory at 62. The new value will still be referred toas the original value.

As stated above, the PRNG may produce a sequence of known, reproduciblenumbers in a list. The value written by the recipient may or may not bethe next number down the list. There may be a known step difference usedto determine which value in the list is the actual ‘next’ value. Forexample, if one were to assume that the seed value, which is the samefor every user, has a first digit of the number ‘3,’ then the next valuewould be three values down the list from the first value. The next valuein the next step for the object would then be three more values down thelist of known values. Whatever the next value, the recipient writes itinto the printable memory at 62 and ships the object to the nextrecipient at 64.

Returning to FIG. 3, the recipient may execute a process to report thecounterfeit object after the determination of counterfeit at 58. FIG. 6shows one embodiment of this process. At 70, at least one of the dateand time are stored, either in the reader or the recipient's computer.Other information may also be stored, such as the SKU or other stocknumber, the location, an identifier of the object, etc. This informationis stored if the reader or computer, which may be the same thing, is notconnected to a network through which it can reach the centralizeddatabase. When a connection is present at 72, the information isuploaded at 74. In the meantime, or at any point in this process, thesystem may write a finish code into the memory at 76, but that isoptional.

As discussed above, the process of authenticating an object may differfor recipients after the first recipient. Another option is to have thefirst recipient go through the same process of tracking the step number,even though it may be zero for the first recipient, if that makes theprocess more universal for all recipients. FIG. 6 shows this process.

At 80, the next recipient receives the object and reads the seed andvalue in a similar fashion to the first recipient. It may differslightly in that the new recipient's computer may need to make a note ofwhatever the step indicator is. The recipient generates anauthentication value at 82, which in this case will involve generating alist of values. The computer then identifies the step count and countsto the appropriate number in the list at 84 before checking for a matchat 86. Alternatively, the recipient generates the value first,determines which number it is on the list and then checks the stepcount. If the step count does not match, this indicates that the productor object was diverted somewhere in the chain at 90. If there is a valuematch and the step count matches, the object is both authentic andvalid, meaning it is at the correct step.

Diversion may be a concern for several reasons. For example, if adocument secured in the above matter gets to a location that should bethe third station of the chain, but the number that matches indicatesthat it is at the fourth station, someone could have diverted thedocument, copied it, and then put it back in the chain. This also willcatch accidental double check-ins or other miscues in the supply system.

The object will have one of three states. It is authentic and valid,meaning the value matched and it is at the right step or station in thechain. It is authentic but invalid, meaning there was a value match, butit is at the wrong step. Finally, it can be inauthentic/counterfeit,which means there was no match so it will not have a step count.

In the above embodiments, the function, such as a PRNG takes a seedvalue and outputs the list of seemingly random numbers. In anotherembodiment, the function takes two inputs, a seed value and anothernumber that represents some useful information about the device,document, or object to which the writeable memory is attached. Thesecond number may consist of an encoded representation of some secondaryinformation such as an area code of the manufacturer, date ofmanufacture or expiration, name of the inspecting agency, web address ofa database server that contains more information about the product, orany other information the original sender believes to be useful to thesupply chain. At the recipient, the recipient's computer decodes thesecondary value and can use it as another verification.

In another embodiment, the bits in the values, whether the seed valuesor secondary values, may be encoded in such a manner that the bits inthe value seem statistically random. However, the recipients who havethe correct function, the seed value and, if used, the secondary value,can determine that the bits are not random.

In this manner, one can use printable, writeable memory to store valuesfor object authentication. The values do not have to be locked at themanufacturers' sites, nor are they easily guessable, but easy togenerate. The system provides an inexpensive, relatively easy toimplement, secure system for object authentication and validation.

It will be appreciated that variants of the above-disclosed and otherfeatures and functions, or alternatives thereof, may be combined intomany other different systems or applications. Various presentlyunforeseen or unanticipated alternatives, modifications, variations, orimprovements therein may be subsequently made by those skilled in theart which are also intended to be encompassed by the above embodimentsand below claims.

What is claimed is:
 1. An article, comprising: a writeable memoryprinted on a substrate attached to an object; a characteristic of theobject outside the memory, usable to derive a seed value; a value storedin the memory, wherein the value is generated by a hashing process usingthe seed value, the value being an authentication value; and a stepnumber stored in the memory, wherein the step number corresponds to thevalue stored in the memory.
 2. The article of claim 1, wherein thesubstrate comprises at least one of paper, a sticker, a bottle, a box,and a document.
 3. The article of claim 1, wherein the writeable memoryis also readable memory.
 4. The article of claim 1, wherein thecharacteristic of the object is an explicit characteristic.
 5. Thearticle of claim 4, wherein the explicit characteristic is one of a barcode or a QR code.
 6. The article of claim 1, wherein the characteristicof the object is an implicit characteristic.
 7. The article of claim 6,wherein the implicit characteristic is one of at least one dimension ofthe article or a pattern on the article.
 8. The article of claim 1,further comprising at least one conductive contact electricallyconnected to the memory.
 9. The article of claim 1, further comprising asecondary value stored in the memory.